sbs2001 on main
Update docstring in github impo… (compare)
sbs2001 on main
Add endpoints for bulk requesti… Add comment for clarity Signed… Reduce the time complexity of b… and 5 more (compare)
sbs2001 on main
Use drf-spectacular instead of … Merge pull request #310 from sb… (compare)
def _load_advisories(**kw)
is even worse, but you probably didn't mean that :)
@sbs2001 crowdsec is interesting indeed. But the data they amass becomes proprietary unfortunately.
https://crowdsec.net/faq/ Data Ownership
Those curated data are CrowdSec property and a usage right is given to users receiving an IP list. It can be even used outside of the context of CrowdSec. If you use CrowdSec and share the IP blocked with us, nothing prevents you from using the ban list you receive on your SIEM or other security tools.
I want to switch to either azure or GH action ASAP . https://news.ycombinator.com/item?id=25338983
sure thing. Let's do it. :)
ScoringSystems
in the db would be a better approach
Q
object there ?
about the ScoringSystems since it is supposed to be for humans, how about we instead have a rst file with the description of each ScoringSystem . We don't need it at db anyways
Which is why a small object would be enough IMHO (if we can avoid having the doc separate from the code, that's best and we can generate the doc from code)
@pombredanne we need to figure out endpoints for nexB/vulnerablecode#284
Would there be any problem if we assign those api/vulnerabilities
api/packages
and move the current list api
(which lives at api/vulnerabilities
api/packages
) to api/vulnerabilities/search
api/packages/search
from https://cve.mitre.org/CVEIDsAndHowToGetThem.pdf
CVE is not a vulnerability database, instead CVE allows vulnerability databases to be linked together under commonly used IDs